<%@ page pageEncoding="UTF-8"%>
<%!
    public Message authorize(HttpServletRequest request, Role role) {
		Message msg = new Message();
		String path = request.getServletPath();
		path = path.substring(path.lastIndexOf("/") + 1, path.lastIndexOf("."));
		List<String> list = QBuilder.db("basedb").queryHql("select p.operation from Permission as p, Role as r where p.hospital = " + role.getHospital() + " and p.status = " + STATUS_ENABLE + " and r.hospital = " + role.getHospital() + " and r.status = " + STATUS_ENABLE + " and r.uid = " + role.getUid() + " and r.pid = p.id");
		boolean p = false;
		for (int i = 0; i < list.size(); i++) {
			Pattern pattern = Pattern.compile(list.get(i));
			Matcher matcher = pattern.matcher(path);
			if (matcher.matches()) {
				p = true;
				break;
			}
		}
		if (!p)
			setErrcode(msg, NO_PERMISSOIN);
		return msg;
	}
%>
<%
	
	Role role = Role.fromMap(parameters, Role.class);
	role.setUid(token.getUid());
	msg = authorize(request, role);
	if (msg.getErrcode() != 0) {
		Tools.encryptPrint(out, msg);
		return;
	}
%>